This exploit demonstrates an arbitrary file download vulnerability in MPC Sharj 3.11.1 Beta via the 'download.php' script. The vulnerability arises from improper handling of the 'id' parameter, allowing an attacker to read arbitrary files by encoding the path in base64 and reversing it.
Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:MPC Sharj 3.11.1 Beta
No auth needed
Prerequisites:Network access to the target application · The 'download.php' script must be accessible